MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 acf551d423b53df418a2b3ba02372d320a7fba1a85ef1975abb85cfa3cc20853. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	acf551d423b53df418a2b3ba02372d320a7fba1a85ef1975abb85cfa3cc20853
SHA3-384 hash:	a3f382fa688280da6c679fba2f0d8970e68b58930b0af8743502afba35ae8de9a759ddc9e07dd67a671510c34cc6a9cb
SHA1 hash:	7fb24a3520091815965d469ba04e73bb445e3c7b
MD5 hash:	f8d5d99c1d95c1656c8e64100ad5e3dd
humanhash:	march-network-stairway-bacon
File name:	NEW ORDER.Z
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	428'404 bytes
First seen:	2020-04-20 05:17:25 UTC
Last seen:	Never
File type:	z
MIME type:	application/x-rar
ssdeep	6144:kb/TMdJUhYWlcI4G9EB/Gb+f0TlNIxlXvnvzQddNC7YzmpcLdUqr4Kbe3iE2L:4gQ1ePIAGCfMYlHtSm2LWqiv2
TLSH	039423A0EDB04CB1F9E4A6D1EFCDDD94EA595AF511F0FCC681EE0A2BC1551B8CA13062
Reporter	cocaman
Tags:	AgentTesla z

cocaman

Malicious email
From: David<sales@edmundvalve.com>
Received: from edmundvalve.com (unknown [212.83.46.23])
Date: 19 Apr 2020 17:18:41 -0700
Subject: NEW PURCHASE ORDER